[security-dev] PicketLink Version and "Core" Module name
Jason Porter
lightguard.jp at gmail.com
Thu Oct 18 16:43:13 EDT 2012
On Oct 18, 2012, at 14:09, Shane Bryzak <sbryzak at redhat.com> wrote:
> On 19/10/12 01:34, Anil Saldhana wrote:
>> a) I am presuming we have agreement that the PicketLink version for the
>> consolidated workspace should be v3.x
>
> +1, I've gone ahead and updated the version number. On a site note,
> some of the LDAPIdentityStore tests have started failing and I'm not
> sure why. Anil, if you have time could you please take a look at this?
> Otherwise I can delve deeper into it later today.
>
>> b) Regarding the module name "core" that most of us want renamed to "cdi".
>> I do not see issues with it called "core" as long as PL 2.x federation
>> users on non-ee environments upgrading to PL3 do not have a requirement
>> to have CDI/Weld jars. Ideally we cannot force users to require Weld
>> jars to run SAML on tomcat, for example.
>
> I'm -1 on renaming core to cdi. To me this seems like a ridiculous
> idea, akin to Spring Security calling their core module "spring", or
> Hibernate calling their core module "db". If we're going to be pushing
> PicketLink as being a complete security integration framework for EE6
> then it would be redundant and non-intuitive to name the core module
> cdi. As for PicketLink Federation, if there is an SE requirement for it
> then we can just implement it as a submodule like we've done for IDM,
> and make a note in the documentation that it is possible to use it
> standalone in an SE environment.
+1. I think naming it cdi would be a mistake. I'm not sure how the cdi module is going to be done, but it seems to me if things are done in an injection friendly way (minimal usage of new being a big one) the cdi module could simply add metadata needed for cdi to pick things up (creating annotated types, injection points, etc) and just be a cdi extension (of course I'm not sure exactly how feasible this really is, but recoding what's in core just to add some annotations is ridiculous).
More information about the security-dev
mailing list